06-10-2023 09:03 AM
Our network of 60 remote sites linked to the central office is based on a leased VPN link provided by a telecom operator.
The solution is very costly compared with the bandwidth, which is no more than 0.5 Mb in most sites. we'd like to set up our own Vpn network using Cisco equipment. what do you recommend?
I insist on the traffic security part
Thank you
06-10-2023 09:13 AM
@Meduober that depends on your budget and the hardware, a more advanced solution would be SDWAN, but that might be more expensive and add complexity. DMVPN or FlexVPN are an adequate solution and is supported on Cisco IOS-XE routers.
https://www.cisco.com/c/en/us/support/security/flexvpn/products-configuration-examples-list.html
Both DMVPN and FlexVPN are route based VPNs, which creates a hub and spoke topology (and spoke-to-spoke if required). The routing protocol (OSPF, BGP, EIGRP or IKEv2 routing if using FlexVPN) controls which traffic is encrypted and routed over the VPN tunnel.
Or alternatively use a Firewall such as the FPR1010 running FTD or ASA software, which can be managed centrally (FMC/CDO), both solutions support Dynamic/Static VTI.
06-10-2023 09:42 AM
many solution here,
DMVPN -> this need router FW not support GRE, 60 sites 0.5 Mb for each you need ISR4431 or ISR4451
FlexVPN (IKEv2) <- this support by both router and Firepower FW of cisco
SD-WAN <- for hub-spoke this need from you change all site router to IOS XE SD-WAN or vEdge, so it to cost.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide